[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <SG2PR03MB0796167A00F3C2E6C69B6540E48A0@SG2PR03MB0796.apcprd03.prod.outlook.com>
Date: Fri, 31 Jul 2015 12:34:33 +0000
From: <ravulakollu.kumar@...ro.com>
To: <thomasfherbert@...il.com>, <netdev@...r.kernel.org>,
<pshelar@...ira.com>
CC: <dev@...nvswitch.org>, <therbert@...hat.com>
Subject: RE: [ovs-dev] [PATCH net-next 3/3] openvswitch: 802.1AD: Flow
handling, actions, vlan parsing and netlink attributes
Hi Thomas,
I have applied your below mentioned 1ad patch to ovs-master code. Compiled successfully. I am running ovs in a centos machine.
I have created bridge and configured ports using below commands.
ovs-vsctl --no-wait add-br br0
ovs-vsctl --no-wait add-port br0 eth0 tag=100 vlan_mode=native-tagged /access
ovs-vsctl --no-wait add-port br0 eth1
Configured the bridge to work in legacy bridge mode
$ ovs-ofctl dump-flows br0
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=15.458s, table=0, n_packets=0, n_bytes=0, idle_age=15, priority=0 actions=NORMAL
And started running vswitchd
$ ovs-vswitchd --pidfile
Started pumping traffic from outside using ostinato packet generator for Phy-Phy scenario(sending to eth0 ,receiving back on eth1)
My observation is
1) For untagged packet received on eth0 pushing vid 100 and packet flow is fine
2) For already tagged (1q) packet received on eth0 packet is dropped , I could see vswitchd log throwing below error(duplicate eth_type attribute in flow key)
2015-07-31T12:13:59Z|00001|ovs_numa|INFO|Discovered 4 CPU cores on NUMA node 0
2015-07-31T12:13:59Z|00002|ovs_numa|INFO|Discovered 1 NUMA nodes and 4 CPU cores
2015-07-31T12:13:59Z|00003|reconnect|INFO|unix:/usr/local/var/run/openvswitch/db.sock: connecting...
2015-07-31T12:13:59Z|00004|reconnect|INFO|unix:/usr/local/var/run/openvswitch/db.sock: connected
2015-07-31T12:13:59Z|00005|ofproto_dpif|INFO|system@...-system: Datapath supports recirculation
2015-07-31T12:13:59Z|00006|ofproto_dpif|INFO|system@...-system: MPLS label stack length probed as 1
2015-07-31T12:13:59Z|00007|ofproto_dpif|INFO|system@...-system: Datapath supports unique flow ids
2015-07-31T12:13:59Z|00001|ofproto_dpif_upcall(handler1)|INFO|received packet on unassociated datapath port 0
2015-07-31T12:13:59Z|00008|bridge|INFO|bridge br0: added interface eth0 on port 1
2015-07-31T12:13:59Z|00009|bridge|INFO|bridge br0: added interface br0 on port 65534
2015-07-31T12:13:59Z|00010|bridge|INFO|bridge br0: added interface eth1 on port 2
2015-07-31T12:13:59Z|00011|bridge|INFO|bridge br0: using datapath ID 0000eac07aea5143
2015-07-31T12:13:59Z|00012|connmgr|INFO|br0: added service controller "punix:/usr/local/var/run/openvswitch/br0.mgmt"
2015-07-31T12:13:59Z|00013|bridge|INFO|ovs-vswitchd (Open vSwitch) 2.3.90
2015-07-31T12:14:09Z|00014|memory|INFO|2420 kB peak resident set size after 10.0 seconds
2015-07-31T12:14:09Z|00015|memory|INFO|handlers:2 ports:3 revalidators:2 rules:5
2015-07-31T12:16:31Z|00001|odp_util(handler6)|ERR|duplicate eth_type attribute in flow key
2015-07-31T12:26:51Z|00002|odp_util(handler6)|ERR|duplicate eth_type attribute in flow key
Please, let me know whether I missed anything in the configuration. It would be helpful if someone could let me
Know how I can insert 1ad tag on ingress.
Thanks & Regards,
Uday
-----Original Message-----
From: dev [mailto:dev-bounces@...nvswitch.org] On Behalf Of Thomas F Herbert
Sent: Sunday, July 26, 2015 8:23 PM
To: netdev@...r.kernel.org; pshelar@...ira.com
Cc: dev@...nvswitch.org; therbert@...hat.com
Subject: [ovs-dev] [PATCH net-next 3/3] openvswitch: 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
Add support for 802.1ad including the ability to push and pop double tagged vlans. Add support for 802.1ad to netlink parsing and flow conversion. Uses double nested encap attributes to represent double tagged vlan. Inner TPID encoded along with ctci in nested attributes. Allows either 0x8100 or 0x88a8 on inner or outer tags.
Signed-off-by: Thomas F Herbert <thomasfherbert@...il.com>
---
net/openvswitch/flow.c | 84 +++++++++++++++---
net/openvswitch/flow.h | 5 ++
net/openvswitch/flow_netlink.c | 196 ++++++++++++++++++++++++++++++++++-------
3 files changed, 243 insertions(+), 42 deletions(-)
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c index 8db22ef..0abab37 100644
--- a/net/openvswitch/flow.c
+++ b/net/openvswitch/flow.c
@@ -298,21 +298,80 @@ static bool icmp6hdr_ok(struct sk_buff *skb) static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key) {
struct qtag_prefix {
- __be16 eth_type; /* ETH_P_8021Q */
+ __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
__be16 tci;
};
- struct qtag_prefix *qp;
+ struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
- if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
+ struct qinqtag_prefix {
+ __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
+ __be16 tci;
+ __be16 inner_tpid; /* ETH_P_8021Q */
+ __be16 ctci;
+ };
+
+ if (likely(skb_vlan_tag_present(skb))) {
+ key->eth.tci = htons(skb->vlan_tci);
+
+ /* Case where upstream
+ * processing has already stripped the outer vlan tag.
+ */
+ if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
+ if (unlikely(skb->len < sizeof(struct qtag_prefix) +
+ sizeof(__be16))) {
+ key->eth.tci = 0;
+ return 0;
+ }
+
+ if (unlikely(!pskb_may_pull(skb,
+ sizeof(struct qtag_prefix) +
+ sizeof(__be16)))) {
+ return -ENOMEM;
+ }
+
+ if (likely(qp->eth_type == htons(ETH_P_8021Q))) {
+ key->eth.cvlan.ctci =
+ qp->tci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.c_tpid = qp->eth_type;
+ __skb_pull(skb, sizeof(struct qtag_prefix));
+ }
+ }
return 0;
+ }
- if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
- sizeof(__be16))))
- return -ENOMEM;
- qp = (struct qtag_prefix *) skb->data;
- key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
- __skb_pull(skb, sizeof(struct qtag_prefix));
+ if (qp->eth_type == htons(ETH_P_8021AD)) {
+ struct qinqtag_prefix *qinqp =
+ (struct qinqtag_prefix *)skb->data;
+
+ if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
+ sizeof(__be16)))
+ return 0;
+
+ if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
+ sizeof(__be16)))) {
+ return -ENOMEM;
+ }
+ key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.c_tpid = qinqp->inner_tpid;
+
+ __skb_pull(skb, sizeof(struct qinqtag_prefix));
+
+ return 0;
+ }
+ if (qp->eth_type == htons(ETH_P_8021Q)) {
+ if (unlikely(skb->len < sizeof(struct qtag_prefix) +
+ sizeof(__be16)))
+ return -ENOMEM;
+
+ if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
+ sizeof(__be16))))
+ return 0;
+ key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
+
+ __skb_pull(skb, sizeof(struct qtag_prefix));
+ }
return 0;
}
@@ -474,9 +533,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
*/
key->eth.tci = 0;
- if (skb_vlan_tag_present(skb))
- key->eth.tci = htons(skb->vlan_tci);
- else if (eth->h_proto == htons(ETH_P_8021Q))
+ key->eth.cvlan.ctci = 0;
+ key->eth.cvlan.c_tpid = 0;
+ if ((skb_vlan_tag_present(skb)) ||
+ eth_type_vlan(eth->h_proto))
if (unlikely(parse_vlan(skb, key)))
return -ENOMEM;
diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h index b62cdb3..69c48c6 100644
--- a/net/openvswitch/flow.h
+++ b/net/openvswitch/flow.h
@@ -69,6 +69,11 @@ struct sw_flow_key {
u8 src[ETH_ALEN]; /* Ethernet source address. */
u8 dst[ETH_ALEN]; /* Ethernet destination address. */
__be16 tci; /* 0 if no VLAN, VLAN_TAG_PRESENT set otherwise. */
+ struct {
+ __be16 c_tpid; /* Vlan DL_type 802.1q or 802.1ad */
+ __be16 ctci; /* 0 if no CVLAN, VLAN_TAG_PRESENT */
+ /* set otherwise. */
+ } cvlan;
__be16 type; /* Ethernet frame type. */
} eth;
union {
diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c index a6eb77a..946f99d 100644
--- a/net/openvswitch/flow_netlink.c
+++ b/net/openvswitch/flow_netlink.c
@@ -771,6 +771,31 @@ static int metadata_from_nlattrs(struct sw_flow_match *match, u64 *attrs,
return 0;
}
+static int cust_vlan_from_nlattrs(struct sw_flow_match *match, u64 attrs,
+ const struct nlattr **a, bool is_mask,
+ bool log)
+{
+ /* This should be nested inner or "customer" tci" */
+ if (attrs & (1 << OVS_KEY_ATTR_VLAN)) {
+ __be16 ctci;
+ __be16 c_tpid;
+
+ ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+ if (!(ctci & htons(VLAN_TAG_PRESENT))) {
+ if (is_mask)
+ OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
+ else
+ OVS_NLERR(log, "VLAN CTCI does not have VLAN_TAG_PRESENT bit
+set.");
+
+ return -EINVAL;
+ }
+ c_tpid = nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]);
+ SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, ctci, is_mask);
+ SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
+ }
+ return 0;
+}
+
static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs,
const struct nlattr **a, bool is_mask,
bool log)
@@ -1024,6 +1049,104 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
nlattr_set(attr, val, ovs_key_lens);
}
+static int parse_vlan_from_nlattrs(const struct nlattr *nla,
+ struct sw_flow_match *match,
+ u64 *key_attrs, bool *ie_valid,
+ const struct nlattr **a, bool is_mask,
+ bool log)
+{
+ int err;
+ __be16 tci;
+ const struct nlattr *encap;
+
+ *ie_valid = false;
+ if (!is_mask) {
+ u64 v_attrs = 0;
+
+ tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+
+ if (tci & htons(VLAN_TAG_PRESENT)) {
+ err = parse_flow_nlattrs(nla, a, &v_attrs, log);
+ if (err)
+ return err;
+ if (!v_attrs)
+ return -EINVAL;
+ /* Another encap attribute here indicates
+ * a double tagged vlan.
+ */
+ if (v_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)) {
+ if (!(v_attrs & (1ULL << OVS_KEY_ATTR_VLAN))) {
+ OVS_NLERR(log, "Inner encap attr is set for non VLAN frame");
+ return -EINVAL;
+ }
+ v_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
+ encap = a[OVS_KEY_ATTR_ENCAP];
+ v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
+ *ie_valid = true;
+
+ err = cust_vlan_from_nlattrs(match, v_attrs,
+ &encap, is_mask,
+ log);
+ if (err)
+ return err;
+ /* Insure that tci key attribute isn't
+ * overwritten by encapsulated customer tci.
+ */
+ v_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ *key_attrs |= v_attrs;
+ } else {
+ *key_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ err = parse_flow_nlattrs(nla, a, key_attrs,
+ log);
+ if (err)
+ return err;
+ }
+ } else if (!tci) {
+ /* Corner case for truncated 802.1Q header. */
+ if (nla_len(nla)) {
+ OVS_NLERR(log, "Truncated 802.1Q header has non-zero encap attribute.");
+ return -EINVAL;
+ }
+ } else {
+ OVS_NLERR(log, "Encap attr is set for non-VLAN frame");
+ return -EINVAL;
+ }
+
+ } else {
+ u64 mask_v_attrs = 0;
+
+ tci = 0;
+ if (a[OVS_KEY_ATTR_VLAN])
+ tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+
+ if (!(tci & htons(VLAN_TAG_PRESENT))) {
+ OVS_NLERR(log, "VLAN tag present bit must have an exact match (tci_mask=%x).",
+ ntohs(tci));
+ err = -EINVAL;
+ return err;
+ }
+ err = parse_flow_mask_nlattrs(nla, a, &mask_v_attrs,
+ log);
+ if (err)
+ return err;
+
+ if (mask_v_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) {
+ err = cust_vlan_from_nlattrs(match, mask_v_attrs,
+ a, is_mask, log);
+ if (err)
+ return err;
+
+ mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_VLAN);
+ *key_attrs |= mask_v_attrs;
+ } else {
+ *key_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ if (err)
+ return err;
+ }
+ }
+ return 0;
+}
+
/**
* ovs_nla_get_match - parses Netlink attributes into a flow key and
* mask. In case the 'mask' is NULL, the flow is treated as exact match @@ -1050,6 +1173,7 @@ int ovs_nla_get_match(struct sw_flow_match *match,
u64 key_attrs = 0;
u64 mask_attrs = 0;
bool encap_valid = false;
+ bool i_encap_valid = false;
int err;
err = parse_flow_nlattrs(nla_key, a, &key_attrs, log); @@ -1058,35 +1182,24 @@ int ovs_nla_get_match(struct sw_flow_match *match,
if ((key_attrs & (1 << OVS_KEY_ATTR_ETHERNET)) &&
(key_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
- (nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q))) {
- __be16 tci;
+ eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
- if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) &&
- (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) {
+ if (!((key_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
+ (key_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
OVS_NLERR(log, "Invalid Vlan frame.");
return -EINVAL;
}
key_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
- tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
encap = a[OVS_KEY_ATTR_ENCAP];
key_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
encap_valid = true;
- if (tci & htons(VLAN_TAG_PRESENT)) {
- err = parse_flow_nlattrs(encap, a, &key_attrs, log);
- if (err)
- return err;
- } else if (!tci) {
- /* Corner case for truncated 802.1Q header. */
- if (nla_len(encap)) {
- OVS_NLERR(log, "Truncated 802.1Q header has non-zero encap attribute.");
- return -EINVAL;
- }
- } else {
- OVS_NLERR(log, "Encap attr is set for non-VLAN frame");
- return -EINVAL;
- }
+ err = parse_vlan_from_nlattrs(encap, match, &key_attrs,
+ &i_encap_valid, a, false, log);
+ if (err)
+ return err;
+
}
err = ovs_key_from_nlattrs(match, key_attrs, a, false, log); @@ -1132,7 +1245,6 @@ int ovs_nla_get_match(struct sw_flow_match *match,
if (mask_attrs & 1 << OVS_KEY_ATTR_ENCAP) {
__be16 eth_type = 0;
- __be16 tci = 0;
if (!encap_valid) {
OVS_NLERR(log, "Encap mask attribute is set for non-VLAN frame."); @@ -1158,15 +1270,13 @@ int ovs_nla_get_match(struct sw_flow_match *match,
goto free_newmask;
}
- if (a[OVS_KEY_ATTR_VLAN])
- tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
-
- if (!(tci & htons(VLAN_TAG_PRESENT))) {
- OVS_NLERR(log, "VLAN tag present bit must have an exact match (tci_mask=%x).",
- ntohs(tci));
- err = -EINVAL;
+ err = parse_vlan_from_nlattrs(encap, match,
+ &mask_attrs,
+ &i_encap_valid, a, true,
+ log);
+ if (err)
goto free_newmask;
- }
+
}
err = ovs_key_from_nlattrs(match, mask_attrs, a, true, log); @@ -1277,6 +1387,7 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey, {
struct ovs_key_ethernet *eth_key;
struct nlattr *nla, *encap;
+ struct nlattr *in_encap = NULL;
if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
goto nla_put_failure;
@@ -1331,8 +1442,30 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
if (!swkey->eth.tci)
goto unencap;
- } else
+ } else if (swkey->eth.cvlan.ctci || swkey->eth.type ==
+ htons(ETH_P_8021AD)) {
+ __be16 eth_type;
+
+ eth_type = !is_mask ? htons(ETH_P_8021AD) : htons(0xffff);
+ if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
+ nla_put_be16(skb, OVS_KEY_ATTR_VLAN, output->eth.tci))
+ goto nla_put_failure;
+ encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
+ if (!swkey->eth.tci)
+ goto unencap;
+ /* Customer tci is nested but uses same key attribute.
+ */
+ eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
+ if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
+ nla_put_be16(skb, OVS_KEY_ATTR_VLAN,
+ output->eth.cvlan.ctci))
+ goto nla_put_failure;
+ in_encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
+ if (!swkey->eth.cvlan.ctci)
+ goto unencap;
+ } else {
encap = NULL;
+ }
if (swkey->eth.type == htons(ETH_P_802_2)) {
/*
@@ -1479,6 +1612,8 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
unencap:
if (encap)
nla_nest_end(skb, encap);
+ if (in_encap)
+ nla_nest_end(skb, in_encap);
return 0;
@@ -2127,7 +2262,8 @@ static int __ovs_nla_copy_actions(const struct nlattr *attr,
case OVS_ACTION_ATTR_PUSH_VLAN:
vlan = nla_data(a);
- if (vlan->vlan_tpid != htons(ETH_P_8021Q))
+ if ((vlan->vlan_tpid != htons(ETH_P_8021Q)) &&
+ (vlan->vlan_tpid != htons(ETH_P_8021AD)))
return -EINVAL;
if (!(vlan->vlan_tci & htons(VLAN_TAG_PRESENT)))
return -EINVAL;
--
2.4.3
_______________________________________________
dev mailing list
dev@...nvswitch.org
http://openvswitch.org/mailman/listinfo/dev
Powered by blists - more mailing lists